conjur-cli 6.2.2 → 6.2.3

data/lib/conjur/command/users.rb

@@ -47,7 +47,11 @@ class Conjur::Command::Users < Conjur::Command
           if api.username == options[:user]
             exit_now! 'To rotate the API key of the currently logged-in user, use this command without any flags or options'
           end
-          puts api.resource([ Conjur.configuration.account, "user", options[:user] ].join(":")).rotate_api_key
+          user_resource_id = [Conjur.configuration.account, "user", options[:user]].join(":")
+          unless api.resource(user_resource_id).exists?
+            exit_now! "User '#{options[:user]}' not found"
+          end
+          puts api.resource(user_resource_id).rotate_api_key
         else
           username, password = Conjur::Authn.read_credentials
           new_api_key = Conjur::API.rotate_api_key username, password

data/lib/conjur/version.rb

@@ -19,6 +19,6 @@
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
 module Conjur
-  VERSION = '6.2.2'
+  VERSION = '6.2.3'
   ::Version=VERSION
 end

data/push-image

@@ -3,6 +3,7 @@
 set -e
 
 readonly REGISTRY="cyberark"
+readonly INTERNAL_REGISTRY="registry2.itci.conjur.net"
 readonly VERSION="$(cat VERSION)"
 readonly VERSION_TAG="5-${VERSION}"
 readonly image_name="conjur-cli"
@@ -22,17 +23,24 @@ git_description=$(git describe)
 # only when tag matches the VERSION, push VERSION and latest releases
 # and x and x.y releases
 #Ex: v5-6.2.1
-if [ "$git_description" = "v${VERSION_TAG}" ]; then
-  echo "Revision $git_description matches version $VERSION exactly. Pushing to Dockerhub..."
+if [ "${git_description}" = "v${VERSION}" ]; then
+  echo "Revision ${git_description} matches version ${VERSION} exactly. Pushing to Dockerhub..."
 
   for tag in "${TAGS[@]}"; do
-    echo "Tagging and pushing $REGISTRY/$image_name:$tag"
+    echo "Tagging and pushing ${REGISTRY}/${image_name}:${tag}"
+
+    # push to dockerhub
+    docker tag "${full_image_name}" "${REGISTRY}/${image_name}:${tag}"
+    docker push "${REGISTRY}/${image_name}:${tag}"
+
+    # push to internal registry
+    # necessary because some cyberark teams/networks can't pull from dockerhub
+    docker tag "${full_image_name}" "${INTERNAL_REGISTRY}/${image_name}:${tag}"
+    docker push "${INTERNAL_REGISTRY}/${image_name}:${tag}"
 
-    docker tag $full_image_name "$REGISTRY/$image_name:$tag"
-    docker push "$REGISTRY/$image_name:$tag"
   done
 
   # push to legacy `conjurinc/cli5` tag
-  docker tag $full_image_name conjurinc/cli5:latest
+  docker tag "${full_image_name}" conjurinc/cli5:latest
   docker push conjurinc/cli5:latest
 fi

data/spec/command/hosts_spec.rb

@@ -9,13 +9,19 @@ describe Conjur::Command::Hosts, logged_in: true do
         expect(RestClient::Request).to receive(:execute).with({
           method: :head,
           url: "https://core.example.com/api/resources/#{account}/host/redis001",
-          headers: {}
+          headers: {
+            authorization: "fakeauth",
+          },
+          username: "dknuth",
         }).and_return true
         expect(RestClient::Request).to receive(:execute).with({
             method: :put,
             url: "https://core.example.com/api/authn/#{account}/api_key?role=#{account}:host:redis001",
-            headers: {},
-            payload: ''
+            headers: {
+              authorization: "fakeauth",
+            },
+            payload: '',
+            username: "dknuth",
         }).and_return double(:response, body: 'new api key')
       end
 
@@ -23,5 +29,19 @@ describe Conjur::Command::Hosts, logged_in: true do
         invoke
       end
     end
+
+    describe_command 'host rotate_api_key --host non-existing' do
+      before do
+        expect(RestClient::Request).to receive(:execute).with({
+                  method: :head,
+                  url: "https://core.example.com/api/resources/#{account}/host/non-existing",
+                  headers: {authorization: "fakeauth"},
+                  username: username,
+              }).and_raise RestClient::ResourceNotFound
+      end
+      it 'rotate_api_key with non-existing --host option' do
+        expect { invoke }.to raise_error(GLI::CustomExit, /Host 'non-existing' not found/i)
+      end
+    end
   end
 end

data/spec/command/init_spec.rb

@@ -1,49 +1,46 @@
 require 'spec_helper'
 require 'highline'
 
-GITHUB_FP = "SHA1 Fingerprint=CA:06:F5:6B:25:8B:7A:0D:4F:2B:05:47:09:39:47:86:51:15:19:84"
+GITHUB_FP = "SHA1 Fingerprint=5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E"
 GITHUB_CERT = <<EOF
 -----BEGIN CERTIFICATE-----
-MIIHQjCCBiqgAwIBAgIQCgYwQn9bvO1pVzllk7ZFHzANBgkqhkiG9w0BAQsFADB1
+MIIG1TCCBb2gAwIBAgIQBVfICygmg6F7ChFEkylreTANBgkqhkiG9w0BAQsFADBw
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
-IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE4MDUwODAwMDAwMFoXDTIwMDYwMzEy
-MDAwMFowgccxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB
-BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQF
-Ewc1MTU3NTUwMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQG
-A1UEBxMNU2FuIEZyYW5jaXNjbzEVMBMGA1UEChMMR2l0SHViLCBJbmMuMRMwEQYD
-VQQDEwpnaXRodWIuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-xjyq8jyXDDrBTyitcnB90865tWBzpHSbindG/XqYQkzFMBlXmqkzC+FdTRBYyneZ
-w5Pz+XWQvL+74JW6LsWNc2EF0xCEqLOJuC9zjPAqbr7uroNLghGxYf13YdqbG5oj
-/4x+ogEG3dF/U5YIwVr658DKyESMV6eoYV9mDVfTuJastkqcwero+5ZAKfYVMLUE
-sMwFtoTDJFmVf6JlkOWwsxp1WcQ/MRQK1cyqOoUFUgYylgdh3yeCDPeF22Ax8AlQ
-xbcaI+GwfQL1FB7Jy+h+KjME9lE/UpgV6Qt2R1xNSmvFCBWu+NFX6epwFP/JRbkM
-fLz0beYFUvmMgLtwVpEPSwIDAQABo4IDeTCCA3UwHwYDVR0jBBgwFoAUPdNQpdag
-re7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFMnCU2FmnV+rJfQmzQ84mqhJ6kipMCUG
-A1UdEQQeMByCCmdpdGh1Yi5jb22CDnd3dy5naXRodWIuY29tMA4GA1UdDwEB/wQE
-AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0
-oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWcy
-LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItZXYtc2Vy
-dmVyLWcyLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIB
-FhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMIGIBggrBgEF
-BQcBAQR8MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBS
-BggrBgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
-U0hBMkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAA
-MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgCkuQmQtBhYFIe7E6LMZ3AKPDWY
-BPkb37jjd80OyA3cEAAAAWNBYm0KAAAEAwBHMEUCIQDRZp38cTWsWH2GdBpe/uPT
-Wnsu/m4BEC2+dIcvSykZYgIgCP5gGv6yzaazxBK2NwGdmmyuEFNSg2pARbMJlUFg
-U5UAdgBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAWNBYm0tAAAE
-AwBHMEUCIQCi7omUvYLm0b2LobtEeRAYnlIo7n6JxbYdrtYdmPUWJQIgVgw1AZ51
-vK9ENinBg22FPxb82TvNDO05T17hxXRC2IYAdgC72d+8H4pxtZOUI5eqkntHOFeV
-CqtS6BqQlmQ2jh7RhQAAAWNBYm3fAAAEAwBHMEUCIQChzdTKUU2N+XcqcK0OJYrN
-8EYynloVxho4yPk6Dq3EPgIgdNH5u8rC3UcslQV4B9o0a0w204omDREGKTVuEpxG
-eOQwDQYJKoZIhvcNAQELBQADggEBAHAPWpanWOW/ip2oJ5grAH8mqQfaunuCVE+v
-ac+88lkDK/LVdFgl2B6kIHZiYClzKtfczG93hWvKbST4NRNHP9LiaQqdNC17e5vN
-HnXVUGw+yxyjMLGqkgepOnZ2Rb14kcTOGp4i5AuJuuaMwXmCo7jUwPwfLe1NUlVB
-Kqg6LK0Hcq4K0sZnxE8HFxiZ92WpV2AVWjRMEc/2z2shNoDvxvFUYyY1Oe67xINk
-myQKc+ygSBZzyLnXSFVWmHr3u5dcaaQGGAR42v6Ydr4iL38Hd4dOiBma+FXsXBIq
-WUjbST4VXmdaol7uzFMojA4zkxQDZAvF5XgJlAFadfySna/teik=
------END CERTIFICATE-----
+d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
+dXJhbmNlIFNlcnZlciBDQTAeFw0yMDA1MDUwMDAwMDBaFw0yMjA1MTAxMjAwMDBa
+MGYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T
+YW4gRnJhbmNpc2NvMRUwEwYDVQQKEwxHaXRIdWIsIEluYy4xEzARBgNVBAMTCmdp
+dGh1Yi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MrTQ2J6a
+nox5KUwrqO9cQ9STO5R4/zBUxxvI5S8bmc0QjWfIVAwHWuT0Bn/H1oS0LM0tTkQm
+ARrqN77v9McVB8MWTGsmGQnS/1kQRFuKiYGUHf7iX5pfijbYsOkfb4AiVKysKUNV
+UtgVvpJoe5RWURjQp9XDWkeo2DzGHXLcBDadrM8VLC6H1/D9SXdVruxKqduLKR41
+Z/6dlSDdeY1gCnhz3Ch1pYbfMfsTCTamw+AtRtwlK3b2rfTHffhowjuzM15UKt+b
+rr/cEBlAjQTva8rutYU9K9ONgl+pG2u7Bv516DwmNy8xz9wOjTeOpeh0M9N/ewq8
+cgbR87LFaxi1AgMBAAGjggNzMIIDbzAfBgNVHSMEGDAWgBRRaP+QrwIHdTzM2WVk
+YqISuFlyOzAdBgNVHQ4EFgQUYwLSXQJf943VWhKedhE2loYsikgwJQYDVR0RBB4w
+HIIKZ2l0aHViLmNvbYIOd3d3LmdpdGh1Yi5jb20wDgYDVR0PAQH/BAQDAgWgMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5o
+dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMDSg
+MqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYu
+Y3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBz
+Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMIGDBggrBgEFBQcBAQR3
+MHUwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBNBggrBgEF
+BQcwAoZBaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkhp
+Z2hBc3N1cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAXwGCisGAQQB
+1nkCBAIEggFsBIIBaAFmAHUAKXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVd
+x4QAAAFx5ltprwAABAMARjBEAiAuWGCWxN/M0Ms3KOsqFjDMHT8Aq0SlHfQ68KDg
+rVU6AAIgDA+2EB0D5W5r0i4Nhljx6ABlIByzrEdfcxiOD/o6//EAdQAiRUUHWVUk
+VpY/oS/x922G4CMmY63AS39dxoNcbuIPAgAAAXHmW2nTAAAEAwBGMEQCIBp+XQKa
+UDiPHwjBxdv5qvgyALKaysKqMF60gqem8iPRAiAk9Dp5+VBUXfSHqyW+tVShUigh
+ndopccf8Gs21KJ4jXgB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXl
+AAABceZbahsAAAQDAEcwRQIgd/5HcxT4wfNV8zavwxjYkw2TYBAuRCcqp1SjWKFn
+4EoCIQDHSTHxnbpxWFbP6v5Y6nGFZCDjaHgd9HrzUv2J/DaacDANBgkqhkiG9w0B
+AQsFAAOCAQEAhjKPnBW4r+jR3gg6RA5xICTW/A5YMcyqtK0c1QzFr8S7/l+skGpC
+yCHrJfFrLDeyKqgabvLRT6YvvM862MGfMMDsk+sKWtzLbDIcYG7sbviGpU+gtG1q
+B0ohWNApfWWKyNpquqvwdSEzAEBvhcUT5idzbK7q45bQU9vBIWgQz+PYULAU7KmY
+z7jOYV09o22TNMQT+hFmo92+EBlwSeIETYEsHy5ZxixTRTvu9hP00CyEbiht5OTK
+5EiJG6vsIh/uEtRsdenMCxV06W2f20Af4iSFo0uk6c1ryHefh08FcwA4pSNUaPyi
+Pb8YGQ6o/blejFzo/OSiUnDueafSJ0p6SQ==
 EOF
 
 describe Conjur::Command::Init do

data/spec/command/users_spec.rb

@@ -52,5 +52,18 @@ describe Conjur::Command::Users, logged_in: true do
         invoke
       end
     end
+    describe_command 'user rotate_api_key --user non-existing' do
+      before do
+      expect(RestClient::Request).to receive(:execute).with({
+            method: :head,
+            url: "https://core.example.com/api/resources/#{account}/user/non-existing",
+            headers: {authorization: "fakeauth"},
+            username: username,
+        }).and_raise RestClient::ResourceNotFound
+      end
+      it 'rotate_api_key with non-existing --user option' do
+        expect { invoke }.to raise_error(GLI::CustomExit, /User 'non-existing' not found/i)
+      end
+    end
   end
 end

metadata

@@ -1,15 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: conjur-cli
 version: !ruby/object:Gem::Version
-  version: 6.2.2
+  version: 6.2.3
 platform: ruby
 authors:
-- Rafal Rzepecki
-- Kevin Gilpin
+- Conjur Maintainers
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-04-02 00:00:00.000000000 Z
+date: 2020-12-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -277,8 +276,7 @@ dependencies:
         version: '0.18'
 description: 
 email:
-- rafal@conjur.net
-- kgilpin@conjur.net
+- conj_maintainers@cyberark.com
 executables:
 - _conjur
 - conjur
@@ -286,8 +284,10 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".dockerignore"
+- ".github/CODEOWNERS"
 - ".github/ISSUE_TEMPLATE/bug.md"
 - ".github/ISSUE_TEMPLATE/feature_request.md"
+- ".github/PULL_REQUEST_TEMPLATE.md"
 - ".gitignore"
 - ".gitleaks.toml"
 - ".kateproject"
@@ -301,9 +301,11 @@ files:
 - Humanfile.md
 - Jenkinsfile
 - LICENSE
+- NOTICES.txt
 - PUBLISH.md
 - README.md
 - Rakefile
+- SECURITY.md
 - VERSION
 - bin/_conjur
 - bin/conjur
@@ -410,9 +412,9 @@ files:
 - spec/spec_helper.rb
 - standalone.entrypoint
 - test.sh
-homepage: https://github.com/conjurinc/cli-ruby
+homepage: https://github.com/cyberark/conjur-cli
 licenses:
-- MIT
+- Apache 2.0
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -429,7 +431,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Conjur command line interface